C:\Users\Mike\Desktop\Darkcomet\Crypted Server.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 19032a633afb59d6a619f5f9cc1158a2_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 19032a633afb59d6a619f5f9cc1158a2_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 19032a633afb59d6a619f5f9cc1158a2_JaffaCakes118
Size: 865KB
MD5: 19032a633afb59d6a619f5f9cc1158a2
SHA1: 200eaa035a9caaf10cbbfb6a49208dd006babdf6
SHA256: 35bc08c80902a5f572582183c9b89891cccf2a80b5527e9a00a573e30a0883bb
SHA512: 82a77646c6b1171fcaa311a7408f4a1178cbb8b980c7f030beb6a58766642b68dfdefa0a00f426ce333b11ee7017702f83dacf391ac7b05baf498df2b27b27bd
SSDEEP: 24576:HjmyKIeu4p0/h/2C/LCWWwwndeJNW24sbtv4SPJ:HjZKIeu4p0/52C/+WPwndcNW24sJv4SB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 19032a633afb59d6a619f5f9cc1158a2_JaffaCakes118
Files
19032a633afb59d6a619f5f9cc1158a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 690KB - Virtual size: 689KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 103B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ